package main

import (
	"context"
	"crypto/md5"
	"fmt"
	"net/http"
	"net/http/cgi"

	"faculty_media_report/api"
	"faculty_media_report/dbi"
	"faculty_media_report/pages"
)

func writeHTML(w http.ResponseWriter, html string) {
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	fmt.Fprint(w, html)
}

func handleLoginGet(w http.ResponseWriter, r *http.Request) {
	writeHTML(w, pages.LoginPage(""))
}

func handleLoginPost(w http.ResponseWriter, r *http.Request) {
	username := r.FormValue("username")
	password := r.FormValue("password")

	fail := func() {
		writeHTML(w, pages.LoginPage("Username or Password is incorrect."))
	}

	if username == "" || password == "" {
		fail()
		return
	}

	db, err := dbi.GetDbConn()
	if err != nil {
		fail()
		return
	}
	defer db.Close()

	conn, err := db.Conn(context.Background())
	if err != nil {
		fail()
		return
	}
	defer conn.Close()

	user, err := dbi.GetUser(conn, username)
	if err != nil {
		fail()
		return
	}

	hash := md5.Sum([]byte(password))
	if fmt.Sprintf("%x", hash) != user.Password {
		fail()
		return
	}

	if user.Status == "admin" {
		items, err := dbi.GetReportedItems(conn)
		if err != nil {
			fail()
			return
		}
		html, err := pages.DashboardPage(items)
		if err != nil {
			fail()
			return
		}
		writeHTML(w, html)
		return
	}

	token, err := dbi.GenJWT(user)
	if err != nil {
		fail()
		return
	}

	writeHTML(w, pages.MainFormPage(token))
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("GET /faculty/activity/login", handleLoginGet)
	mux.HandleFunc("POST /faculty/activity/login", handleLoginPost)
	mux.HandleFunc("POST /faculty/activity/api", api.HandleAPI)
	cgi.Serve(mux)
}